Bitcoin Forum
April 23, 2014, 11:09:29 PM *
News: Due to the OpenSSL heartbleed bug, changing your forum password is recommended.
 
   Home   Help Search Donate Login Register  
Pages: [1] 2 3 4  All
  Print  
Author Topic: casascius and other physical bitcoins is a fraudulent idea  (Read 3287 times)
DeepCryptoanalist3
Jr. Member
*
Offline Offline

Activity: 51


View Profile

Ignore
November 29, 2013, 11:46:41 AM
 #1

Following a good will Casascius apparently opened the pandora box. Now people are really believe that the sealing proves that the physical bitcoin is secure. But of course it is not. A producer of a physical note or a coin can copy and preserve the private key. This situation is so strange. I bet that if this hysteria wouldn't decline we will face a wave of fraud associated with a physical pseudosecured coins in a future.

It would be better if Casascius spend the same amount of effort populating the idea that only self printed paper wallets are secure. Every such cold storage obtained from a second party as a present, gift or a payment should be immediately transferred to the safer wallet because private key could be copied and preserved by a grantor. Tamper-evident seal in this case doesn't provide the needed level of security because the private key could be copied before the sealing was applied on a coin.

Shame on you Casascius   Sad
Unbeatable Service & Product Support
Grab Your Miners at GAWMiners.com
Order Before April 25th to receive
Double your Hashing Power for 1 week!

Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1398294569
Hero Member
*
Offline Offline

Posts: 1398294569

View Profile Personal Message (Offline)

Ignore
1398294569
Reply with quote  #2

1398294569
Report to moderator
steelboy
Sr. Member
****
Offline Offline

Activity: 364



View Profile

Ignore
November 29, 2013, 11:50:32 AM
 #2

Thing is Casascius made the effort to do this when the bitcoin price was very low. He believed it would be something the community wanted, (and he was right).

The trust is an issue of course but he has always been open with his identity and i am pretty sure he has made a good enough amount of money  and is of decent enough character to not bother ruining his entire reputation as a human being.

Nice first post b the way  Roll Eyes
djalexr
Member
**
Offline Offline

Activity: 104


View Profile

Ignore
November 29, 2013, 11:55:03 AM
 #3

I believe his intentions were pure in this case, and he did state the intention was more of a novelty than anything else - actually it was primarily a response to idiots constantly complaining "but I can't hold it in my hand!!". But yeah, does require trust on the behalf of the producer and Mike has built trust and been here from the start. I would be very wary about holding a significant amount of these, other than for collection purposes. I'd also be wary of any new people that come on the block offering various coins/bills etc. At the end of the day, you've trusted a private key to someone by buying one.

Kluge
Donator
Hero Member
*
Offline Offline

Activity: 938



View Profile

Ignore
November 29, 2013, 11:57:25 AM
 #4

Worst first post ever.

Casascius has been around since just about the dawn of Bitcoin. AFAIK, there have been exactly 0 accusations of him keeping and using coin privkeys (keeping in mind Goat, one of the most temperamental Bitcoin users of significant public awareness, has had thousands of bitcoins in Cas coins). There have been no cases I'm aware of where the seal's been successfully bypassed and sold as legitimate. Unlike self-printed paper wallets, Cas coins can be traded in a relatively secure manner offline because Casascius is a trusted third-party.

Accepting new escrow transactions. Free/tips -- over 1350 BTC held in escrow to date.
(seeking remote PT work, ~10hrs/wk - must be tax-compliant in US)
DeepCryptoanalist3
Jr. Member
*
Offline Offline

Activity: 51


View Profile

Ignore
November 29, 2013, 12:05:26 PM
 #5

Yes I understand that what Casascius do was made by a good will as I said, but the result is horrific.

It looks like the number of cheaters who issuing and selling physical bitcoins are growing. They have already fixed every wiki.

For example https://en.bitcoin.it/wiki/Physical_bitcoin stating that "the private key remains hidden, which is likely achieved through the use of a tamper-evident seal" its a myth not to say a lie! Producer can preserve the private key, sealing have no protection against the fraudulent producer of a coin or a banknote. Who have an edit access to en.bitcoin.it? The article should be fixed.

Now I have a long discussion with one physicist who want to remove the statement about insecureness of physical bitcoins from the wikipedia article http://en.wikipedia.org/wiki/Bitcoin and put back the statement of physical bitcoins secureness. His statement is simple: I do not understand what you are talking about, there was no big fraud associated with physical bitcoins yet.

So many guys here in this forum pride oneself that they have a physical coin. Its nonsense. Buying a  physical bitcoins you are literally deposit your wallet to a random guys for a hold.
herzmeister
Hero Member
*****
Offline Offline

Activity: 1064



View Profile WWW

Ignore
November 29, 2013, 12:09:49 PM
 #6

first, Casascius has proven to be trustworthy so far, and second, no one ever stated anything else that these physical coins are anything else than just a gimmick. As illustrative material especially in meatspace they're also very helpful.

https://localbitcoins.com/?ch=80k | BTC: 1LJvmd1iLi199eY7EVKtNQRW3LqZi8ZmmB
DeepCryptoanalist3
Jr. Member
*
Offline Offline

Activity: 51


View Profile

Ignore
November 29, 2013, 12:17:53 PM
 #7

first, Casascius has proven to be trustworthy so far, and second, no one ever stated anything else that these physical coins are anything else than just a gimmick. As illustrative material especially in meatspace they're also very helpful.

I am not talking about Casascius specifically, I am arguing that the idea of a physical bitcoins is a subject for a fraud. And populating the idea of physical coins Casascius does more harm than good. Also you can't prove that Casascius himself doesn't preserve private keys for his coins though. Its a question of a pure trust. No one know what producers of a physical bitcoins will do when bitcoin will grow to $457000 will they remain to be good guys or will they go on a dark side?

Just imagine the future and that you are a producer of a physical coin. You have sold it for $30 and now bitcoin value is $457000. And accidentally by intention or by mistake you have preserved a private keys for three or four of this coins. What will you do?
Meni Rosenfeld
Donator
Hero Member
*
Offline Offline

Activity: 1162



View Profile WWW

Ignore
November 29, 2013, 12:19:09 PM
 #8

Worst first post ever.

Casascius has been around since just about the dawn of Bitcoin. AFAIK, there have been exactly 0 accusations of him keeping and using coin privkeys (keeping in mind Goat, one of the most temperamental Bitcoin users of significant public awareness, has had thousands of bitcoins in Cas coins).
I like Casascius and everything but I don't really agree with this assessment. He could have kept all the keys, waiting for the coins to be valuable enough to steal everything. Right now there are tens of millions of dollars worth of his coins; few people have the integrity to walk away from such amounts, and past performance (in this case, Casascius' good form so far) is not an indication of future results. If he kept the keys, he has much more to gain by stealing everything than to lose.

Of course, this threat model is still much better than if he could make the decision to keep keys retroactively.

1EofoZNBhWQ3kxfKnvWkhtMns4AivZArhr   |   Who am I?   |   bitcoin-otc WoT
Bitcoil - Exchange bitcoins for ILS (thread)   |   Israel Bitcoin community homepage (thread)
Analysis of Bitcoin Pooled Mining Reward Systems (thread, summary)  |   PureMining - Infinite-term, deterministic mining bond
benjamindees
Hero Member
*****
Offline Offline

Activity: 938


View Profile

Ignore
November 29, 2013, 12:19:33 PM
 #9

No implementation is perfect.  But the idea itself has some merit.  It is possible to make electronic physical coins that generate their own private keys, hide them from the end user, and self-destruct when tampered with.  As long as the cost of bypassing the controls exceeds the value of the coin, they would be extremely trustworthy.

Civil Liberty Through Complex Mathematics
andye
Newbie
*
Offline Offline

Activity: 8


View Profile

Ignore
November 29, 2013, 12:32:48 PM
 #10

It is possible to make electronic physical coins that generate their own private keys, hide them from the end user, and self-destruct when tampered with. 

It is? How? Not doubting what you say, just interested in the mechanism.

Presumably the destination address is public somehow, and the issuer provides proof (e.g. from the blockchain) that they have sent the requisite amount of coins to the destination address. What if the purchaser opens the physical token and finds that the private key inside does not match the destination address to which the funds have been deposited?

(Newbie here so apologies if this is a stupid question).
crazy_rabbit
Hero Member
*****
Offline Offline

Activity: 756


RUM AND CARROTS: A PIRATE LIFE FOR ME


View Profile

Ignore
November 29, 2013, 12:38:28 PM
 #11

Following a good will Casascius apparently opened the pandora box. Now people are really believe that the sealing proves that the physical bitcoin is secure. But of course it is not. A producer of a physical note or a coin can copy and preserve the private key. This situation is so strange. I bet that if this hysteria wouldn't decline we will face a wave of fraud associated with a physical pseudosecured coins in a future.

It would be better if Casascius spend the same amount of effort populating the idea that only self printed paper wallets are secure. Every such cold storage obtained from a second party as a present, gift or a payment should be immediately transferred to the safer wallet because private key could be copied and preserved by a grantor. Tamper-evident seal in this case doesn't provide the needed level of security because the private key could be copied before the sealing was applied on a coin.

Shame on you Casascius   Sad


Wow, someone with activity of 3 shaming Casascius.

While your points are valid, they come from a time when most of us were not so concerned and felt happy to trust Casascius. Of course now everyone and their mother is in bitcoin and it's impossible to figure out who is who. If you don't trust it. Don't buy it. Simple as that.

Founder of Aeternum.in - NFC enabled, Secure, Bitcoin Cold Storage.
For the next thing in Bitcoin: http://mastercointalk.org/
DeepCryptoanalist3
Jr. Member
*
Offline Offline

Activity: 51


View Profile

Ignore
November 29, 2013, 12:51:50 PM
 #12

Wow, someone with activity of 3 shaming Casascius.

While your points are valid, they come from a time when most of us were not so concerned and felt happy to trust Casascius. Of course now everyone and their mother is in bitcoin and it's impossible to figure out who is who. If you don't trust it. Don't buy it. Simple as that.

What is the value of physical bitcoins now? 10000BTC? 50000BTC? What will happens if all of them will be the subject for a massive fraud in nearest future? What will newspapers print about this? What will be the reaction of a public? Everyone said that physical bitcoins are secure but than it appears to be not, bitcoins are junk?... this will trigger the wide regret in bitcoins and the drop of its price. Even if you haven't any physical bitcoins you will suffer. How many bitcoins do you have? Would you like to lose some money because of this?
Kluge
Donator
Hero Member
*
Offline Offline

Activity: 938



View Profile

Ignore
November 29, 2013, 12:53:09 PM
 #13

Worst first post ever.

Casascius has been around since just about the dawn of Bitcoin. AFAIK, there have been exactly 0 accusations of him keeping and using coin privkeys (keeping in mind Goat, one of the most temperamental Bitcoin users of significant public awareness, has had thousands of bitcoins in Cas coins).
I like Casascius and everything but I don't really agree with this assessment. He could have kept all the keys, waiting for the coins to be valuable enough to steal everything. Right now there are tens of millions of dollars worth of his coins; few people have the integrity to walk away from such amounts, and past performance (in this case, Casascius' good form so far) is not an indication of future results. If he kept the keys, he has much more to gain by stealing everything than to lose.

Of course, this threat model is still much better than if he could make the decision to keep keys retroactively.
I don't disagree with the principles of what you're saying. It's just... I don't see Mike running off with $100M in stolen bitcoins (but as you know, I've been wrong before, though I've never had the level of confidence like with Cas). I'm pretty sure he's rational. It's not something where he can just say "oh, it was uhhh... a relic hunter who was spying on the manufacture of the coins." He's a criminal from the moment someone discovers coins are missing, and the amount he'd have access to would almost definitely draw international cooperation from law enforcement. Beyond that, he's been a long-time supporter of Bitcoin, and I'd be very surprised if he didn't have a good few heavily-loaded, legitimately-obtained coins for himself. I guess I don't know, though. Maybe he does a hundred lines of cocaine a day and is really motivated to get coins by whatever means necessary. (can't wait to see his response to this thread)

(in looking up info for response, it turns out Mike suspended operations a couple days ago. https://www.casascius.com/ )

Accepting new escrow transactions. Free/tips -- over 1350 BTC held in escrow to date.
(seeking remote PT work, ~10hrs/wk - must be tax-compliant in US)
oakpacific
Hero Member
*****
Offline Offline

Activity: 588


View Profile

Ignore
November 29, 2013, 12:57:38 PM
 #14

FYI, it's fairly easy to produce physical bitcoins which only the owner can spend https://bitcointalk.org/index.php?topic=66862.0

Nothing great was ever achieved without irrational exuberance.
crazy_rabbit
Hero Member
*****
Offline Offline

Activity: 756


RUM AND CARROTS: A PIRATE LIFE FOR ME


View Profile

Ignore
November 29, 2013, 01:04:04 PM
 #15

Wow, someone with activity of 3 shaming Casascius.

While your points are valid, they come from a time when most of us were not so concerned and felt happy to trust Casascius. Of course now everyone and their mother is in bitcoin and it's impossible to figure out who is who. If you don't trust it. Don't buy it. Simple as that.

What is the value of physical bitcoins now? 10000BTC? 50000BTC? What will happens if all of them will be the subject for a massive fraud in nearest future? What will newspapers print about this? What will be the reaction of a public? Everyone said that physical bitcoins are secure but than it appears to be not, bitcoins are junk?... this will trigger the wide regret in bitcoins and the drop of its price. Even if you haven't any physical bitcoins you will suffer. How many bitcoins do you have? Would you like to lose some money because of this?

So what exactly do you propose? Building a time machine, going back to 2011 and asking Casacius not to make them? Because I don't see what your point is. What is done is done. Maybe they weren't the best idea at the time, but you, and everyone else, is just going to have to live with it, no?

Founder of Aeternum.in - NFC enabled, Secure, Bitcoin Cold Storage.
For the next thing in Bitcoin: http://mastercointalk.org/
Meni Rosenfeld
Donator
Hero Member
*
Offline Offline

Activity: 1162



View Profile WWW

Ignore
November 29, 2013, 01:08:24 PM
 #16

Worst first post ever.

Casascius has been around since just about the dawn of Bitcoin. AFAIK, there have been exactly 0 accusations of him keeping and using coin privkeys (keeping in mind Goat, one of the most temperamental Bitcoin users of significant public awareness, has had thousands of bitcoins in Cas coins).
I like Casascius and everything but I don't really agree with this assessment. He could have kept all the keys, waiting for the coins to be valuable enough to steal everything. Right now there are tens of millions of dollars worth of his coins; few people have the integrity to walk away from such amounts, and past performance (in this case, Casascius' good form so far) is not an indication of future results. If he kept the keys, he has much more to gain by stealing everything than to lose.

Of course, this threat model is still much better than if he could make the decision to keep keys retroactively.
I don't disagree with the principles of what you're saying. It's just... I don't see Mike running off with $100M in stolen bitcoins (but as you know, I've been wrong before, though I've never had the level of confidence like with Cas). I'm pretty sure he's rational. It's not something where he can just say "oh, it was uhhh... a relic hunter who was spying on the manufacture of the coins." He's a criminal from the moment someone discovers coins are missing, and the amount he'd have access to would almost definitely draw international cooperation from law enforcement. Beyond that, he's been a long-time supporter of Bitcoin, and I'd be very surprised if he didn't have a good few heavily-loaded, legitimately-obtained coins for himself. I guess I don't know, though. Maybe he does a hundred lines of cocaine a day and is really motivated to get coins by whatever means necessary. (can't wait to see his response to this thread)

(in looking up info for response, it turns out Mike suspended operations a couple days ago. https://www.casascius.com/ )
Sure, I don't expect any problem... But the risk exists.

I hope he'll resume soon, at least for aluminum coins, they're really popular here.

1EofoZNBhWQ3kxfKnvWkhtMns4AivZArhr   |   Who am I?   |   bitcoin-otc WoT
Bitcoil - Exchange bitcoins for ILS (thread)   |   Israel Bitcoin community homepage (thread)
Analysis of Bitcoin Pooled Mining Reward Systems (thread, summary)  |   PureMining - Infinite-term, deterministic mining bond
Savior
Full Member
***
Offline Offline

Activity: 170


View Profile

Ignore
November 29, 2013, 01:09:47 PM
 #17

Just wanted to add that he always claimed to destroy the private keys after he had put it on the coin. If he thought bitcoin would go this high, he would have bought 10-30k bitcoins then, instead of storing and saving a few 1000 bitcoins that anyone buying them could take from the coin at any time, just for a heist far off in the future if the price skyrocketed. This does not mean they are 100% safe thought, and I knew that risk when I bought some.
CIYAM
Hero Member
*****
Offline Offline

Activity: 910


Ian Knowles - CIYAM Lead Developer


View Profile WWW

Ignore
November 29, 2013, 01:11:54 PM
 #18

Surely people who bought the coins would have transferred the BTC value to a different address by now wouldn't they?

(so the idea that he could *now* go and steal huge amounts of BTC seems a bit unrealistic to me)

With CIYAM anyone can create 100% generated C++ web applications in literally minutes.

GPG Public Key | 1ciyam3htJit1feGa26p2wQ4aw6KFTejU
DeepCryptoanalist3
Jr. Member
*
Offline Offline

Activity: 51


View Profile

Ignore
November 29, 2013, 01:21:26 PM
 #19

So what exactly do you propose? Building a time machine, going back to 2011 and asking Casacius not to make them? Because I don't see what your point is. What is done is done. Maybe they weren't the best idea at the time, but you, and everyone else, is just going to have to live with it, no?

What to do now? Populate the idea that only printed-by-the-owner paper wallets are secure. Fix the page http://en.bitcoin.it/wiki/Physical_bitcoin , remove this false statement from it "the private key remains hidden, which is likely achieved through the use of a tamper-evident seal". And... I don't know. Somehow stop the production of physical bitcoins.
benjamindees
Hero Member
*****
Offline Offline

Activity: 938


View Profile

Ignore
November 29, 2013, 01:49:19 PM
 #20

It is possible to make electronic physical coins that generate their own private keys, hide them from the end user, and self-destruct when tampered with.

It is? How? Not doubting what you say, just interested in the mechanism.

Presumably the destination address is public somehow, and the issuer provides proof (e.g. from the blockchain) that they have sent the requisite amount of coins to the destination address. What if the purchaser opens the physical token and finds that the private key inside does not match the destination address to which the funds have been deposited?

(Newbie here so apologies if this is a stupid question).


The physical token could easily be designed to sign arbitrary data sent to it in order to prove it has the private key.  Counterfeits are possible, but would be easy to spot and not worth the effort.  Something like this.

In order to ensure maximum protection against theft via backdoor, the private key could even be generated based on a user-supplied seed, which I believe is supported by the proposed hierarchical wallet schemes.

How that works from an end-user perspective is that, whenever you get a physical Bitcoin, in order to verify it you push a button on it and send it some small bit of data from a smartphone or computer.  The physical Bitcoin generates a new private key using this data, and returns the associated public key along with a signed transaction to send those Bitcoins to the new address.  Once you verify that the new public key was generated using the data you supplied, and publish the transaction to the Bitcoin network, you know that the only way for an attacker to get those Bitcoins is to have had physical access to the device after the new key was generated.

Civil Liberty Through Complex Mathematics
Pages: [1] 2 3 4  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!